Add Vaultwarden stack

Updating Traefik2 stack
Add PiHole stack
2024-12-30 15:01:42 -05:00 · 2024-12-30 14:54:33 -05:00 · 2024-12-30 14:51:09 -05:00 · 2024-12-30 14:50:03 -05:00 · 2024-12-30 14:48:04 -05:00 · 2024-12-30 14:46:12 -05:00
11 changed files with 124 additions and 207 deletions
--- a/HomeAssistant/docker-compose.yaml
+++ b/HomeAssistant/docker-compose.yaml
@ -0,0 +1,17 @@
 version: "3.8"
 name: homeassistant
 services:
  homeassistant:
    container_name: homeassistant
    image: "ghcr.io/home-assistant/home-assistant:stable"
    volumes:
      - ./config:/config
      - /etc/localtime:/etc/localtime:ro
      - /run/dbus:/run/dbus:ro
    restart: unless-stopped
    privileged: true
    network_mode: host
    ports: 
      - 8123 : 8123
--- a/Homepage/docker-compose.yaml
+++ b/Homepage/docker-compose.yaml
@ -3,8 +3,13 @@ services:
  homepage:
    image: ghcr.io/gethomepage/homepage:latest
    container_name: homepage
    restart: always
    #extra_hosts:
    #  - hostname:ip # required if you refer to your services with hostnames instead of ip
    ports:
      - ${HOMEPAGE_HTTP_PORT}:3000
    volumes:
-      - ${HOMEPAGE_DIR}:/app/config # Make sure your local config directory exists
+      - ${HOMEPAGE_DIR}:/app/config
-      - /var/run/docker.sock:/var/run/docker.sock # (optional) For docker integrations
+      - ${HOMEPAGE_ICONS}:/app/public/icons
      - /var/run/docker.sock:/var/run/docker.sock
--- a/Homepage/stack.env
+++ b/Homepage/stack.env
@ -1,5 +1,3 @@
-HOMEPAGE_DIR=/path/to/homepage
+HOMEPAGE_DIR=/home/portainer/homepage
-HOMEPAGE_HTTP_PORT=3000
+HOMEPAGE_ICONS=/home/portainer/homepage/icons
-
+HOMEPAGE_HTTP_PORT=3000
 HOMEPAGE_PUID=1000
 HOMEPAGE_PGID=1000
--- a/Nextcloud/docker-compose.yaml
+++ b/Nextcloud/docker-compose.yaml
@ -1,145 +1,18 @@
 services:
-  aio-apache:
+  mastercontainer:
-    depends_on:
+    image: nextcloud/all-in-one:latest
      aio-nextcloud:
        condition: service_started
        required: false
      aio-notify-push:
        condition: service_started
        required: false
    image: nextcloud/aio-apache:latest
    init: true
    restart: always
    container_name: nextcloud-aio-mastercontainer
    volumes:
      - nextcloud_aio_mastercontainer:/mnt/docker-aio-config
      - /var/run/docker.sock:/var/run/docker.sock:ro
    network_mode: bridge
    ports:
-      - ${APACHE_IP_BINDING}:${APACHE_PORT}:${APACHE_PORT}/tcp
+      - 8080:8080
      - ${APACHE_IP_BINDING}:${APACHE_PORT}:${APACHE_PORT}/udp
    env_file:
      - stack.env
    volumes:
      - nextcloud_aio_nextcloud:/var/www/html:ro
      - nextcloud_aio_apache:/mnt/data:rw
    restart: unless-stopped
    networks:
      - nextcloud-aio
    read_only: true
    tmpfs:
      - /var/log/supervisord
      - /var/run/supervisord
      - /usr/local/apache2/logs
      - /tmp
      - /home/www-data
    labels:
      - traefik.enable=true
      # HTTP redirection to HTTPS
      - traefik.http.routers.nextcloud.entrypoints=web
      - traefik.http.routers.nextcloud.rule=Host(`${NEXTCLOUD_URL}`)
      - traefik.http.middlewares.nextcloud-https-redirect.redirectscheme.scheme=https
      - traefik.http.routers.nextcloud.middlewares=nextcloud-https-redirect
      # HTTPS config
      - traefik.http.routers.nextcloud-secure.entrypoints=websecure
      - traefik.http.routers.nextcloud-secure.rule=Host(`${NEXTCLOUD_URL}`)
      - traefik.http.routers.nextcloud-secure.tls=true
      - traefik.http.routers.nextcloud-secure.tls.certresolver=myresolver
      - traefik.http.services.nextcloud-secure.loadbalancer.server.port=21000
      - traefik.docker.network=proxy
      - homepage.group=Cloud
      - homepage.name=Nextcloud
      - homepage.icon=nextcloud.png
      - homepage.href=https://${NEXTCLOUD_URL}
      - homepage.description=Personnal cloud 
      - homepage.widget.type=nextcloud
      - homepage.widget.url=https://${NEXTCLOUD_URL}
      - homepage.widget.username=${NEXTCLOUD_API_USERNAME}
      - homepage.widget.password=${NEXTCLOUD_API_PASSWORD}
  aio-database:
    image: nextcloud/aio-postgresql:latest
    init: true
    expose:
      - "5432"
    volumes:
      - nextcloud_aio_database:/var/lib/postgresql/data:rw
      - nextcloud_aio_database_dump:/mnt/data:rw
    env_file:
      - stack.env
    stop_grace_period: 1800s
    restart: unless-stopped
    shm_size: 268435456
    networks:
      - nextcloud-aio
    read_only: true
    tmpfs:
      - /var/run/postgresql
  aio-nextcloud:
    depends_on:
      aio-database:
        condition: service_started
        required: false
      aio-redis:
        condition: service_started
        required: false
    image: nextcloud/aio-nextcloud:latest
    init: true
    expose:
      - "9000"
      - "9001"
    volumes:
      - nextcloud_aio_nextcloud:/var/www/html:rw
      - ${NEXTCLOUD_USER_DIR}:/mnt/ncdata:rw
      - ${NEXTCLOUD_DOCKER_DIR}:/mnt:rw
      - ${NEXTCLOUD_TRUSTED_CACERTS_DIR}:/usr/local/share/ca-certificates:ro
    env_file:
      - stack.env
    stop_grace_period: 600s
    restart: unless-stopped
    networks:
      - nextcloud-aio
  aio-notify-push:
    image: nextcloud/aio-notify-push:latest
    init: true
    expose:
      - "7867"
    volumes:
      - nextcloud_aio_nextcloud:/nextcloud:ro
    env_file:
      - stack.env
    restart: unless-stopped
    networks:
      - nextcloud-aio
    read_only: true
  aio-redis:
    image: nextcloud/aio-redis:latest
    init: true
    expose:
      - "6379"
    env_file:
      - stack.env
    volumes:
      - nextcloud_aio_redis:/data:rw
    restart: unless-stopped
    networks:
      - nextcloud-aio
    read_only: true
 volumes:
-  nextcloud_aio_apache:
+  nextcloud_aio_mastercontainer:
-    name: nextcloud_aio_apache
+    name: nextcloud_aio_mastercontainer
  nextcloud_aio_database:
    name: nextcloud_aio_database
  nextcloud_aio_database_dump:
    name: nextcloud_aio_database_dump
  nextcloud_aio_nextcloud:
    name: nextcloud_aio_nextcloud
  nextcloud_aio_redis:
    name: nextcloud_aio_redis
 networks:
  nextcloud-aio:
    name: nextcloud-aio
    driver: bridge
--- a/Nextcloud/stack.env
+++ b/Nextcloud/stack.env
@ -1,39 +1,5 @@
-NEXTCLOUD_URL=nextcloud.example.com
+APACHE_PORT=3003
 TZ=America/Toronto
 NEXTCLOUD_DOCKER_DIR=/path/to/nextcloud
 NEXTCLOUD_DATA_DIR=/path/to/users/data
 NEXTCLOUD_TRUSTED_CACERTS_DIR=./certificates
 NEXTCLOUD_API_USERNAME=YourApiUsername
 NEXTCLOUD_API_PASSWORD=YourApiPassword
 ADMIN_USER=admin
 ADMIN_PASSWORD=YOUR_ADMIN_PASSWORD
 APACHE_IP_BINDING=0.0.0.0
-APACHE_PORT=21000
+NEXTCLOUD_MOUNT=/mnt/nextcloud_smb # this is an smb mount point mounted in /etc/fstab
-APACHE_MAX_TIME=3600
+NEXTCLOUD_DATADIR=/mnt/nextcloud_smb/data
-APACHE_MAX_SIZE=10737418240
+SKIP_DOMAIN_VALIDATION=false
 NEXTCLOUD_UPLOAD_LIMIT=10G
 POSTGRES_DB=nextcloud_database
 POSTGRES_HOST=aio-database
 POSTGRES_PASSWORD=YOUR_DB_PASSWORD
 POSTGRES_USER=nextcloud
 CLAMAV_ENABLED=false
 COLLABORA_ENABLED=false
 FULLTEXTSEARCH_ENABLED=false
 IMAGINARY_ENABLED=false
 TALK_ENABLED=false
 ONLYOFFICE_ENABLED=false
 NEXTCLOUD_HOST=aio-nextcloud
 NOTIFY_PUSH_HOST=aio-notify-push
 REDIS_HOST=aio-redis
 REDIS_HOST_PASSWORD=YOUR_REDIS_PASSWORD
 NC_DOMAIN=${NEXTCLOUD_URL}
 OVERWRITEHOST=${NC_DOMAIN}
 OVERWRITEPROTOCOL=https
--- a/PiHole/docker-compose.yaml
+++ b/PiHole/docker-compose.yaml
@ -0,0 +1,15 @@
 services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    restart: always
    ports:
      - "53:53/tcp"
      - "53:53/udp"
      - "8053:80/tcp"
    env_file:
      - stack.env
    # Volumes store your data between container upgrades
    volumes:
      - ${PIHOLE_CONFIG_DIR}:/etc/pihole
      - ${PIHOLE_DNS_FILE}:/etc/dnsmasq.d
--- a/PiHole/stack.env
+++ b/PiHole/stack.env
@ -0,0 +1,4 @@
 PIHOLE_CONFIG_DIR=/home/portainer/pihole/config
 PIHOLE_DNS_FILE=/home/portainer/pihole/dnsmasq.d
 WEBPASSWORD=
 TZ=America/Toronto
--- a/Traefik/docker-compose.yaml
+++ b/Traefik/docker-compose.yaml
@ -2,11 +2,12 @@ version: '3.3'
 services:
  reverse-proxy:
-    # The official v2 Traefik docker image
+    image: traefik:latest
-    image: traefik:v2.10
+    restart: always
-    # Enables the web UI and tells Traefik to listen to docker
+    #extra_hosts:
    #  - hostname:ip # required to redirect hostnames to ips
    command:
-      #- "--log.level=DEBUG"
+      - "--api=true"
      - "--api.insecure=true"
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
@ -15,19 +16,15 @@ services:
      - "--entrypoints.websecure.address=:443"
      - "--entrypoints.web.address=:80"
      - "--certificatesresolvers.myresolver.acme.tlschallenge=true"
-      - "--certificatesresolvers.myresolver.acme.email=${TRAEFIK_ADMIN_EMAIL}"
+      - "--certificatesresolvers.myresolver.acme.email=YOUR@EMAIL"
      - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
-    networks:
+      - "--log.level=DEBUG"
-      - backend
+      - "--log.filePath=/traefik/traefik.log" 
    ports:
-      - ${TRAEFIK_PORT_HTTP}:80 # The HTTP port
+      - 80:80 # The HTTP port
-      - ${TRAEFIK_PORT_HTTPS}:443 # The HTTP port
+      - 443:443 # The HTTPS port
-      - ${TRAEFIK_BACKEND_PORT}:8080 # The Web UI (enabled by --api.insecure=true)
+      - 8080:8080 # The Web UI (enabled by --api.insecure=true)
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock # So that Traefik can listen to the Docker events
      - ${TRAEFIK_DIR}:/traefik
-      - ${TRAEFIK_CERT_DIR}:/letsencrypt # For SSL certificates
+      - ${TRAEFIK_DIR}/certs:/letsencrypt # For SSL certificates
-
+      - /var/run/docker.sock:/var/run/docker.sock # So that Traefik can listen to the Docker events
 networks:
  backend:
    external: true
--- a/Traefik/stack.env
+++ b/Traefik/stack.env
@ -1,8 +1 @@
-TRAEFIK_PORT_HTTP=80
+TRAEFIK_DIR=/home/portainer/traefik
 TRAEFIK_PORT_HTTPS=443
 TRAEFIK_BACKEND_PORT=8080
 TRAEFIK_ADMIN_EMAIL=admin@example.com
 TRAEFIK_DIR=/path/to/traefik
 TRAEFIK_CERT_DIR=/path/to/traefik/certs
--- a/Vaultwarden/docker-compose.yaml
+++ b/Vaultwarden/docker-compose.yaml
@ -0,0 +1,23 @@
 services:
  vaultwarden:
    image: timshel/vaultwarden:latest
    container_name: vaultwarden
    restart: always
    env_file:
      - stack.env
    volumes:
      - ${VAULTWARDEN_DIR}/data:/data
    ports:
      - ${VAULTWARDEN_PORT}:80
  backup:
    image: bruceforce/vaultwarden-backup
    restart: on-failure
    init: true
    depends_on:
      - vaultwarden
    volumes:
      - ${VAULTWARDEN_DIR}/data:/data/
      - ${VAULTWARDEN_DIR}/backup:/backup/
    env_file:
      - stack.env
--- a/Vaultwarden/stack.env
+++ b/Vaultwarden/stack.env
@ -0,0 +1,26 @@
 VAULTWARDEN_DIR=/home/portainer/vaultwarden
 VAULTWARDEN_PORT=11001
 DOMAIN=
 SIGNUPS_ALLOWED=false
 PUSH_ENABLED=false
 SENDS_ALLOWED=false
 ORG_ATTACHMENT_LIMIT=5000
 USER_ATTACHMENT_LIMIT=3000
 INVITATION_ORG_NAME=NAME
 EMAIL_CHANGE_ALLOWED=false
 TEMPLATES_FOLDER=data/templates
 LOG_LEVEL=warn
 EXTENDED_LOGGING=true
 SSO_ENABLED=true
 SSO_ONLY=true
 SSO_FRONTEND=override
 SSO_CLIENT_ID=
 SSO_CLIENT_SECRET=
 SSO_AUTHORITY=
 SSO_SCOPES=email profile openid offline_access
 SSO_PKCE=true
 SSO_AUTH_ONLY_NOT_SESSION=true
 BACKUP_ON_STARTUP=true
 ENCRYPTION_PASSWORD=
 TIMESTAMP=true
Author	SHA1	Message	Date
SweetId	94db189099	Add Vaultwarden stack	2024-12-30 15:01:42 -05:00
SweetId	d466562458	Updating Traefik2 stack	2024-12-30 14:54:33 -05:00
SweetId	826d7f79ad	Add PiHole stack	2024-12-30 14:51:09 -05:00
SweetId	85697a23cd	Update Homepage stack	2024-12-30 14:50:03 -05:00
SweetId	030d31392d	Update Nextcloud stack	2024-12-30 14:48:04 -05:00
SweetId	0a56b99793	Add Home Assistant stack	2024-12-30 14:46:12 -05:00